diff --git a/wrapper/python/wolfssl/test/test_client.py b/wrapper/python/wolfssl/test/test_client.py
index 35f5f491b..2a7c02104 100644
--- a/wrapper/python/wolfssl/test/test_client.py
+++ b/wrapper/python/wolfssl/test/test_client.py
@@ -28,16 +28,15 @@ import ssl
 import wolfssl
 
 class SSLClientTest(unittest.TestCase):
-    ssl_provider = ssl
-    host = "www.google.com"
+    provider = ssl
+    host = "www.globalsign.com"
     port = 443
 
     def setUp(self):
         self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 
     def test_wrap_socket(self):
-        secure_sock = self.ssl_provider.wrap_socket(
-            self.sock, ssl_version=self.ssl_provider.PROTOCOL_SSLv23)
+        secure_sock = self.provider.wrap_socket(self.sock)
         secure_sock.connect((self.host, self.port))
 
         secure_sock.write(b"GET / HTTP/1.1\n\n")
@@ -45,6 +44,44 @@ class SSLClientTest(unittest.TestCase):
 
         secure_sock.close()
 
+    def test_wrap_socket_with_ca(self):
+        secure_sock = self.provider.wrap_socket(
+            self.sock, cert_reqs=self.provider.CERT_REQUIRED,
+            ca_certs="../../../certs/external/ca-globalsign-root-r2.pem")
+        secure_sock.connect((self.host, self.port))
+
+        secure_sock.write(b"GET / HTTP/1.1\n\n")
+        self.assertEqual(b"HTTP", secure_sock.read(4))
+
+        secure_sock.close()
+
+    def test_wrap_socket_from_context(self):
+        ctx = self.provider.SSLContext(self.provider.PROTOCOL_TLSv1_2)
+
+        ctx.verify_mode = self.provider.CERT_REQUIRED
+        ctx.load_verify_locations(
+            "../../../certs/external/ca-globalsign-root-r2.pem")
+
+        secure_sock = ctx.wrap_socket(self.sock)
+        secure_sock.connect((self.host, self.port))
+
+        secure_sock.write(b"GET / HTTP/1.1\n\n")
+        self.assertEqual(b"HTTP", secure_sock.read(4))
+
+        secure_sock.close()
+
+    def test_ssl_socket(self):
+        secure_sock = self.provider.SSLSocket(
+            self.sock,
+            cert_reqs=self.provider.CERT_REQUIRED,
+            ca_certs="../../../certs/external/ca-globalsign-root-r2.pem")
+
+        secure_sock.connect((self.host, self.port))
+
+        secure_sock.write(b"GET / HTTP/1.1\n\n")
+        self.assertEqual(b"HTTP", secure_sock.read(4))
+
+        secure_sock.close()
 
 class TestWolfSSL(SSLClientTest):
-    ssl_provider = wolfssl
+    provider = wolfssl
diff --git a/wrapper/python/wolfssl/test/test_context.py b/wrapper/python/wolfssl/test/test_context.py
index 3060a9434..2c1a0920b 100644
--- a/wrapper/python/wolfssl/test/test_context.py
+++ b/wrapper/python/wolfssl/test/test_context.py
@@ -129,9 +129,6 @@ class TestSSLContext(unittest.TestCase):
     def test_verify_mode(self):
         self.assertEqual(self.ctx.verify_mode, self.provider.CERT_NONE)
 
-        self.ctx.verify_mode = self.provider.CERT_OPTIONAL
-        self.assertEqual(self.ctx.verify_mode, self.provider.CERT_OPTIONAL)
-
         self.ctx.verify_mode = self.provider.CERT_REQUIRED
         self.assertEqual(self.ctx.verify_mode, self.provider.CERT_REQUIRED)
 
diff --git a/wrapper/python/wolfssl/wolfssl/__init__.py b/wrapper/python/wolfssl/wolfssl/__init__.py
index 71bb6e574..d637c164e 100644
--- a/wrapper/python/wolfssl/wolfssl/__init__.py
+++ b/wrapper/python/wolfssl/wolfssl/__init__.py
@@ -51,10 +51,9 @@ from wolfssl.__about__ import (
 globals().update(METADATA)
 
 CERT_NONE = 0
-CERT_OPTIONAL = 1
-CERT_REQUIRED = 2
+CERT_REQUIRED = 1
 
-_VERIFY_MODE_LIST = [CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED]
+_VERIFY_MODE_LIST = [CERT_NONE, CERT_REQUIRED]
 
 _SSL_SUCCESS = 1
 _SSL_FILETYPE_PEM = 1